Vulnerabilities > IBM > Robotic Process Automation With Automation Anywhere > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-01 | CVE-2019-4298 | Unspecified vulnerability in IBM Robotic Process Automation With Automation Anywhere IBM Robotic Process Automation with Automation Anywhere 11 uses a high privileged PostgreSQL account for database access which could allow a local user to perform actions they should not have privileges to execute. | 7.1 |
| 2018-11-02 | CVE-2018-1877 | Cleartext Storage of Sensitive Information vulnerability in IBM Robotic Process Automation With Automation Anywhere 11.0 IBM Robotic Process Automation with Automation Anywhere 11 could store highly sensitive information in the form of unencrypted passwords that would be available to a local user. | 7.8 |
| 2018-11-02 | CVE-2018-1552 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Robotic Process Automation With Automation Anywhere 10/11 IBM Robotic Process Automation with Automation Anywhere 10.0 and 11.0 allows a remote attacker to execute arbitrary code on the system, caused by a missing restriction in which file types can be uploaded to the control room. | 8.8 |
| 2018-06-07 | CVE-2018-1547 | Unspecified vulnerability in IBM Robotic Process Automation With Automation Anywhere 10.0 IBM Robotic Process Automation with Automation Anywhere 10.0 could allow a remote attacker to execute arbitrary code on the system, caused by improper output encoding in an CSV export. | 7.7 |
| 2018-06-07 | CVE-2018-1514 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Robotic Process Automation With Automation Anywhere 10.0 IBM Robotic Process Automation with Automation Anywhere 10.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |